A colleague recently shared this video that pokes fun of the “always on, gotta share everything on social networks” lifestyle for many people here in America. It is a serious issue for professionals here in the US, especially if they work in education or youth service nonprofits. In many places in the world, sharing everything online can be a life and death matter particularly for activists working in certain countries.

For the curriculum we’re developing for the E-Mediat project, a social media capacity project for NGOs in the Arab World, you can’t train NGOs on effective use of social media without addressing issues of privacy and security. This past month, I took a deep dive looking at the privacy and security how-to guides available. I thought I’d share (couldn’t resist) and summarize some of what I learned here.

There are two particularly useful guides (both available in other languages including Arabic). They are Security in a Box and Protecting Your Security Online. Both guides are written for citizens in the Middle East and North Africa who want to use technology safely to communicate, organize, and share data, but the tips and recommendations are useful for anyone working for a nonprofit who needs to mindful about privacy. Here’s a curated collection of privacy tutorials for NGOs here.

Privacy

Social networking sites like Facebook make it easy for sensitive information about us to be made public unintentionally. Therefore, it is important to understand how to best protect one’s own privacy as well as others. Tactical Technology’s Security in A Box suggests asking a couple of good reflective questions about your account on any online social networking platform where you set up a presence:

Who can access the information I am putting online?

Who controls and owns the information I put into a social networking site?

What information about me are my contacts passing on to other people?

Will my contacts mind if I share information about them with other people?

Do I trust everyone with whom I’m connected?

Publishing content on Facebook, Twitter, and other platforms has become a requirement for NGOs that want a presence and to participate on social channels. However, they should not rely on a social platform as the single host for their information. First, it is very easy for governments to block access and it can happen without warning. Also, some social networking sites may remove objectionable content themselves, rather than face a censorship battle . There are also other reasons to avoid publishing all your content on social sites.

Be careful about sharing too much information in your status updates – even if you trust your “friends.” In the United States, sharing too much information has resulted in burglaries. It is easy for someone to copy status information. Most social networks allow automatically cross posting information with other social networks. For example your tweets can be automatically shared on your Facebook account. You may be intentionally sharing sensitive information from one channel to another. Plus, it isn’t a good practice for inspiring engagement.

The AccessNow Guide offers some critical basic tips for protecting security on free hosted email services like Google’s Gmail and Hotmail, both offers something called end-to-end encryption (HTTPS) which makes using them secure. More advice on keeping email communication, see Security in a Box tip sheet and for specifics regarding Gmail see the security check list and Hotmail’s guide. This FireFox plugin called HTTPS Everywhere is handy.

Normally, voice communication over the Internet is no more secure than unprotected email and instant messaging. Only Skype and Gizmo offer encryption for voice conversations, and then only if you are calling another VoIP user, as opposed to a mobile or landline telephone. See Security in a Box tip sheet for more options.

Always make sure you use secure passwords to access social networks and your email. If anyone else does get into your account, they are gaining access to a lot of information about you and about anyone else you are connected to via that social network. Change your passwords regularly as a matter of routine. See Security in A Box: How to create and maintain secure passwords for more information.

Here are some tips from AccessNow Guide on how to create strong passwords:

Make your passphrases twelve or more characters long; this makes it harder to crack using various software programs.

Use a combination of symbols, numbers, uppercase and lowercase letters. One way is to include symbols and numbers for words and letters in a passphrase, which can be a saying or a line from a song or poem.

Don’t use the same password for every account; if your password is easily intercepted when inputted online in a place that doesn’t offer HTTPS, it’s easy to intercept your log-in information and use it to access your other accounts.

Change your passwords every 3 months or more often if you use internet cafe systems or computers other than your own.

If you have problems remembering passwords, use a secure encrypted program like KeePass to keep track of them.

Some accounts are compromised via lost password recovery systems. Be sure your security questions and answers for your accounts are not simple and easy to guess.

Mobile phones can also have security and privacy risks. Security in a Box has an extensive set of guides on how to make sure that your mobile phone is safe.

One of the challenges of protecting privacy and security online is that the technology changes quickly and we need to be vigilant and educated. But the basic steps as reflected by the advice above can go a long way.

How are protecting your privacy on social networks? What resources have you found useful?

5 Responses

Theres a way to protect and ensure your privacy on social netwroking sites such as Facebook. Theres a plug-in called uProtect.it — this plug-in allows you to post protected status updates, wall posts, comments, and even photos, the plugin encodes these posts or photos and allows you to set ‘permissions” so that only certain people you select are allowed to view the protected content. I just started using it about a week ago, and I can now post and upload anything I want without the risk of being exposed. you can get the plugin at the google chrome extenions store for free, or by going to uProtect.it/index

A lot of times, when people have an antivirus program installed in their PC or cellphone, they tend to just go ahead and leave it there in the background. When a virus hits, the automatic reaction normally goes along the lines of “Man! My antivirus software isn’t doing it’s job!”, which sometimes IS the case, but it’s not ALWAYS the case.
Virus databases of any antivirus program has updates, and these updates include the most recent virus definitions and protection against them. Let’s face it, in this day and age, you’re more likely to get hit by a newer virus than an older one. By lacking 50% of the virus definitions, you’re probably only about 25% protected, since it’s the newer 50% of the definitions, and these are the ones that are more likely to hit!
To make the long story short, update the virus database on whatever antivirus program you’re using, be it on your PC or your cellphone! It’s just one of those “Better Safe Than Sorry” things!

[...] we believe to be private or confidential is often open and available without our knowledge. Reading Beth’s Blog reminded me that there are always ways to get around privacy that we sometimes forget like our [...]